[Midnightbsd-cvs] src [9195] stable/0.8/crypto/openssl/ssl: Due to improper handling of alert packets, OpenSSL would consume an excessive

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Thu Nov 3 07:37:10 EDT 2016 

Revision: 9195
          http://svnweb.midnightbsd.org/src/?rev=9195
Author:   laffer1
Date:     2016-11-03 07:37:09 -0400 (Thu, 03 Nov 2016)
Log Message:
-----------
Due to improper handling of alert packets, OpenSSL would consume an excessive
amount of CPU time processing undefined alert messages.

Modified Paths:
--------------
    stable/0.8/crypto/openssl/ssl/d1_pkt.c
    stable/0.8/crypto/openssl/ssl/s3_pkt.c
    stable/0.8/crypto/openssl/ssl/ssl.h
    stable/0.8/crypto/openssl/ssl/ssl3.h
    stable/0.8/crypto/openssl/ssl/ssl_locl.h

Modified: stable/0.8/crypto/openssl/ssl/d1_pkt.c
===================================================================
--- stable/0.8/crypto/openssl/ssl/d1_pkt.c	2016-11-03 11:36:09 UTC (rev 9194)
+++ stable/0.8/crypto/openssl/ssl/d1_pkt.c	2016-11-03 11:37:09 UTC (rev 9195)
@@ -924,6 +924,13 @@
         goto start;
     }
 
+    /*
+     * Reset the count of consecutive warning alerts if we've got a non-empty
+     * record that isn't an alert.
+     */
+    if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+        s->s3->alert_count = 0;
+
     /* we now have a packet which can be read and processed */
 
     if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1190,6 +1197,14 @@
 
         if (alert_level == SSL3_AL_WARNING) {
             s->s3->warn_alert = alert_descr;
+
+            s->s3->alert_count++;
+            if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+                al = SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+                goto f_err;
+            }
+
             if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 #ifndef OPENSSL_NO_SCTP
                 /*

Modified: stable/0.8/crypto/openssl/ssl/s3_pkt.c
===================================================================
--- stable/0.8/crypto/openssl/ssl/s3_pkt.c	2016-11-03 11:36:09 UTC (rev 9194)
+++ stable/0.8/crypto/openssl/ssl/s3_pkt.c	2016-11-03 11:37:09 UTC (rev 9195)
@@ -1057,6 +1057,13 @@
             return (ret);
     }
 
+    /*
+     * Reset the count of consecutive warning alerts if we've got a non-empty
+     * record that isn't an alert.
+     */
+    if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+        s->s3->alert_count = 0;
+
     /* we now have a packet which can be read and processed */
 
     if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1271,6 +1278,14 @@
 
         if (alert_level == SSL3_AL_WARNING) {
             s->s3->warn_alert = alert_descr;
+
+            s->s3->alert_count++;
+            if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+                al = SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+                goto f_err;
+            }
+
             if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
                 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
                 return (0);

Modified: stable/0.8/crypto/openssl/ssl/ssl.h
===================================================================
--- stable/0.8/crypto/openssl/ssl/ssl.h	2016-11-03 11:36:09 UTC (rev 9194)
+++ stable/0.8/crypto/openssl/ssl/ssl.h	2016-11-03 11:37:09 UTC (rev 9195)
@@ -2713,6 +2713,7 @@
 # define SSL_R_TLS_HEARTBEAT_PENDING                      366
 # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL                 367
 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST             157
+# define SSL_R_TOO_MANY_WARN_ALERTS                       409
 # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
 # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG    234
 # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER            235

Modified: stable/0.8/crypto/openssl/ssl/ssl3.h
===================================================================
--- stable/0.8/crypto/openssl/ssl/ssl3.h	2016-11-03 11:36:09 UTC (rev 9194)
+++ stable/0.8/crypto/openssl/ssl/ssl3.h	2016-11-03 11:37:09 UTC (rev 9195)
@@ -585,6 +585,8 @@
     char is_probably_safari;
 #   endif                       /* !OPENSSL_NO_EC */
 #  endif                        /* !OPENSSL_NO_TLSEXT */
+    /* Count of the number of consecutive warning alerts received */
+    unsigned int alert_count;
 } SSL3_STATE;
 
 # endif

Modified: stable/0.8/crypto/openssl/ssl/ssl_locl.h
===================================================================
--- stable/0.8/crypto/openssl/ssl/ssl_locl.h	2016-11-03 11:36:09 UTC (rev 9194)
+++ stable/0.8/crypto/openssl/ssl/ssl_locl.h	2016-11-03 11:37:09 UTC (rev 9195)
@@ -389,6 +389,8 @@
  */
 # define SSL_MAX_DIGEST 6
 
+# define MAX_WARN_ALERT_COUNT    5
+
 # define TLS1_PRF_DGST_MASK      (0xff << TLS1_PRF_DGST_SHIFT)
 
 # define TLS1_PRF_DGST_SHIFT 10

More information about the Midnightbsd-cvs mailing list